Network Security

Resolved! DMZ Internet Access

I think that I am on the last part of my Firewall config, and that is allowing traffic out of the DMZ to the Internet. In theory I have it working where Internet traffic coming in is allowed, but I haven't been able to test that yet.Here is the conf...

Using ASA5510 AIP-SSM in IDS mode

Hi,I' ve a Cisco ASA5510 with AIP-SSM and I wold like to use it like a one-armed IDS for connect them to a span port of a switch in my network, without the traffic passing through the Firewall.I've try to configure it and connect the interface insid...

Problems with very big latency ASA 5505

Hi,I have a big problem. When I download a big file from internet I can view that my latency grow too much. If nothing are surfing in internet I have 30 ms latency but if somebody download something I have 1000 ms of latency. Only happen in DMZ int...

https scanning through IPS

Is it possible to scan all the https traffic passing through AIP module installed on ASA (inbound and outbound)?

IOS content filtering on cisco 861w router

I go a 30 day trial code for the cisco ios content filtering for use with Cisco 861w. However, I am not able to configure the content filtering with either Cisco Configuration Professional (CCP) or CLI. I have downloaded the latest IOS image but th...

NAC manager doesn't change auth vlan to access vlan

Hi,I am trying to install L2 out-of band NAC in my LAN but I have problem for which I don't seem to find any solutions.The problem is that NAC manager simply doesn't change switchport from authentication to access vlan although useris authenticated a...

How to read/write port-security maximum per-vlan using SNMP on a 2960 ?

Hi there,I'm trying to configure port-security using SNMP on a 2960 (12.2(52)SE).Here is the switchport config I want:interface FastEthernet0/x switchport access vlan 10 switchport mode access switchport voice vlan 20 switchport port-security maximum...

Resolved! VPN to use static (dmz,inside)

I have a server in my DMZ with address 192.168.0.1 and I need it to be visible to my LAN as 172.16.0.1, so I have created this static NAT statement:static (dmz,inside) 172.16.0.1 192.168.0.1 netmask 255.255.255.255This works correctly and I can get t...

HTTP timeout on both Inside/Outside Interfaces

Does anyone experience intermittently http or https timeout on interfaces? Like when you access via ASDM, http, https to inside or outside interfaces of ASA and unable to open a page or when you're accessing webvpn is timing out? Thanks in advance .....

user Authentication using radius

Dear All,Need suggestion on below requirment:requirment:User who will access network devices for managment purpose should be authenticated through tacacs(ACS server 1113) and user who will access lan resources/application should be authenticated thr...

CSA MC 5.2 restore backup config fails

Hi, while trying to restore a backup configuration to a CSA MC I get the following error.Arithmetic overflow error converting expression to data type datetime.Database csamc52 restoring failed!From that it looks to be a date formatting error or simil...

Aironet 1100 access point

I have an Aironet 1100 access point.....how do I program a password in it to prevent unwanted wifi users?

RE: CONTENT SECURITY MODULE ISSUE

Hi all,I have a csc ssm installed on ASA 5520 with plus license. While trying to implement url filtering, if i put url to block, all http connections to any website are blocked. Is there anything i am missing in the csc setup. Please i need assistanc...

Resolved! excessive CPU overhead?

Hi all,This equipment is new and I'm experiencing too slowly when I connect via SSH, access privileged mode, or typing commands like "show run" for example.At first glance there appears to be excessive consumption (CPU utilization for five seconds...

NAC Deployement

Hiin campus envirments where a collapsed 2 Core and 2 Distribution with VSS enabled on both 6513 core/Distribution, along with 2000 users,Question Is:according the above situation what is the best deployment for NAC Manager/NAC Server,in term of L2/L...

Network Security

Forum Posts

Resolved! DMZ Internet Access

Using ASA5510 AIP-SSM in IDS mode

Problems with very big latency ASA 5505

https scanning through IPS

IOS content filtering on cisco 861w router

NAC manager doesn't change auth vlan to access vlan

How to read/write port-security maximum per-vlan using SNMP on a 2960 ?

Resolved! VPN to use static (dmz,inside)

HTTP timeout on both Inside/Outside Interfaces

user Authentication using radius

CSA MC 5.2 restore backup config fails

Aironet 1100 access point

RE: CONTENT SECURITY MODULE ISSUE

Resolved! excessive CPU overhead?

NAC Deployement

Cisco FTD/FMC IPsec Tunnels: “Up” Doesn’t Always Mean Working

Cyber Vision Sensor version

FTD 7.2.5.1 → 7.6.2 Upgrade sftunnel TLS Failure — Certificate Mismatc

Suppress Closed Responses on Non Existent TCP/UDP Ports

FMC Upgrade to > 7.4 || 7.6

Cisco FTD Evaluation Mode

Deployment is failing due to the policy changes report request in prog

FTD 4110 Generating Troubleshoot file - fails firewall

Cisco FirePower force HA failover to secondary FTD using vFMC 7.6.2

Upgrade FTD A-A Cluster via FMC Cluster